I’m sure you’ve noticed this morning, or during the past few days, a significant rise in online complaints on social media sites like Twitter and Reddit (1, 2), indicating that an unknown number of customers have been locked out of their Apple IDs for security reasons.

Many people report being locked out of their Apple ID account after first being prompted by their device to enter their account credentials. But, entering the correct password instead yields a message saying that the account has been locked.

“Your Apple ID has been locked for security reasons,” reads an iOS prompt. “To unlock it, you must verify your identity”. After tapping the button Unlock Account, the user is asked to answer their security questions or offered to visit Apple’s account support page and verify their identity there to regain access to Apple services and their Apple ID account.

At present, this doesn’t appear to be an Apple bug. Whatever it is, it is only impacting a minute percentage of our users.

This could be some kind of an attack.

It could be that all of the affected users might be using a certain app attempting to phish out their Apple ID passwords and emails by displaying a fake iOS password popup. Another possible explanation is this could be some kind of a brute-force attack on the Apple IDs which are unprotected by Two-Factor Authentication.

According to Apple, if you or someone else enters your password, answers to security questions or other account information incorrectly too many times, Apple will automatically lock the account to protect your security. As a result of this preventive action, the user is temporarily unable to sign in to any Apple services on any of their devices.

Apple even cites the exact wording used by iOS’s security popup:

“This Apple ID has been disabled for security reasons”

“You can’t sign in because your account was disabled for security reasons”